Time-constraint Access Control in Pervasive Computing Environments
|
|
- Dwain Joseph
- 5 years ago
- Views:
Transcription
1 Time-constraint Access Control in Pervasive Computing Environments Jun-qing Li Quan-ke Pan Sheng-xian Xie Yu-ting Wang ABSTRACT This paper presents a novel access control model named PC-TRBAC (Time-constraint Role-based access control for Pervasive Computing). We give a detail analysis of the access control characteristics in the pervasive computing environments and the overview of the traditional access control model. In order to adapt to the pervasive computing, we add some time constraints into our new access control. Some new time constraints including active time span, active time length, activation time interval, average active duration and entity dependency duration were proposed. At last, we give the framework of our new access control model, and the component definitions are also proposed. Key Words: Role-Based Access Control; Pervasive computing; Time-constraint 1. Introduction With the development of the network technology, we have entered into an age named pervasive computing after the Web stage and P2P stage. Pervasive computing is a new technology which will also named ubiquitous computing, connecting every kind of computing devices such as PDA, PC, Wireless sensor, Mobile phone and other wireless devices in a open and heterogeneous environment [1]. Pervasive computing has gained more and more focus in recent yeas and been improved in many aspects. However, there are lots of problems in pervasive computing environments, most of which fall into five main classifications: attention, complexity, privacy, security, and extensibility [2,3]. Access control infrastructure is the most important security component of pervasive computing environments. How to assign suitable permissions to the needed entities who want to access certain resources in the pervasive computing environments becomes a series problem. Access control is a very important component of network and information security. The focus of access control is to authorize proper users with minimum but enough privilege to accomplish its work [5]. We can divide current access control model into six categories: DAC (Discretionary access control), MAC (Mandatory access control), RBAC (Role based access control) [6], TBAC (Task-based authorization control) [7,9], UC (Usage control) [8] and EDAC (Enterprise dynamic access control) [10]. RBAC is widely used in present enterprise environments, which can adapt to open and dynamic collaborative environments with controllable managements messages. However, there are lots of directions which should be complemented in RBAC standard model,
2 including dynamic fine-grained features and the time-constraints characteristic. 2. Access Control in Pervasive Computing In recent years, pervasive computing has got more and more focus and improved our life deeply. With many kinds of smart devices such as PDA, smart gadgets, mobile devices and wireless sensors, out life have become more interesting and intelligent than before. However, one key challenge in pervasive computing applications is managing security and access control. The traditional access control such as RBAC and TBAC has been used widely for many years. However, these access control model can not be transplanted into pervasive computing applications directly, and minor changes must be made to make traditional access control adapt to pervasive computing environments. The main access control characteristics in pervasive computing are as follows [2,3,4]: (1) Context-sensitive The user-to-role and role-to-permission mapping processes should be context-sensitive in pervasive computing environments. For example, let us assume a scene that a teacher is teaching in a network classroom, when the teacher permit his students download some files from his hard-disk, in this context, his students will be assigned with some roles like downloader. At other time, these students can not access the teacher s hard-disk. Therefore, our access control must resolve how to distinguish the entire context events. (2) Mobility There are lots of mobile devices that will attend in the pervasive computing applications, such as mobile phone, PDA, wireless sensor. When these devices move from one site to another, our access control must capture this situation and adjust the condition database to assign suitable roles for the requestors. (3) Multi-region A requestor in a pervasive computing environment will access multiple mobile devices at a certain time. For example, a student may use his PDA to download some resources when he requests for printing some documents. The devices may come from different regions with different access control rules, how to map different roles among different regions is the key problem in the access control mechanism of the pervasive computing applications. 3. Overview of Traditional Access Controls In this section, we describe the most popular access control model as follows RBAC RBAC is the first access control model which can adapt to flexible and open collaborative environment. In the RBAC model, users are associated with roles, and roles are associated with permissions. As we know, there are lots of users who will access resources in a same collaborative system, and their behaviors are dynamic. The core RBAC model includes five basic elements, i.e. U (users), R (roles), O (objects), OP (Operations) and P (permissions). The core RBAC also has some useful session sets, which is the mapping relationship between some users and some adaptable roles. The components in the core RBAC model as follows: Users = u1, u2, um}, is the set of all the users; Roles = r, r, r }, is the set of all the roles; 1 2 n op1, op2, opk Ops = }, is the set of all the operations; Objects = ob, ob, ob }, is the set of all the objects; Sessions 1 2 l ( Ops Objects ) = 2, is the set of all the permissions; = s1, s2, s p}, is the set of all the sessions; UA Users Roles, is a many-to-many user-to-role PA Roles, is a many-to-many permission-to-role Users assigned _ users : ( r : Roles) operation which can return the users with some certain roles; assigned _ perms : ( r : Roles) operation which can return certain permissions be assigned to the given roles; Roles assigned _ roles : ( u : Users) operation which can return certain roles be assigned to the given users; op( p : ) Ops, is an operation which can return the related operation with the given permission; ob( p : ) Objects, is an operation which can return the related operation with the given objects; Sessions user _ sessions( u : Users) operation which can return the related sessions with the given object users; Users session _ users( s : Sessions) operation which can return the related users with the given sessions;
3 session 2 Roles _ roles( s : sessions), is an operation which can return the related roles with the given sessions; session _ perms( s : sessions) 2, is an operation which can return the related permissions with the given sessions; 3.2. EDAC The Enterprise Dynamic Access Control (EDAC) represents an access control model that adheres to the basic principles of Role-based Access Control standard. The EDAC accommodates complex and scalable access control situations many government and civilian organizations are experiencing when managing resource access. The main components of the EDAC model include Customer Personnel Database (CPD), Customer Object Profile Manager Service (OPMS), Customer Meta-Database (CMD), Customer portal, Customer resources, Customer environmental interfaces, Condition Manager Service (CMS), Rules Engine Service (RES), Repository Service (RS), Administrative Service (AS), Structure Format Service (SFS) and Condition Deprecator Service (CDS). The most known advantages of the EDAC model mainly fall into three aspects: (1) The EDAC model establishes an effective security policy and accommodates enterprise implementations among regions; (2) The EDAC can evaluate inheritance on every user characteristic and environmental; (3) It is very convenient to configure condition constraints in the EDAC model. 4. Time constraint 4.1. Time definition We define two time granularity unit as follows: Definition 1: Time unit The time unit is used to describe the minimum unit of time. For example, we can describe a time point as year-month-day-hour-minute-second, therefore, second will be the time unit of this time point. We can use a time unit set as follows: TU = 1 2 k t, t, t } The popular time unit can be minute, second, hour, day, week, month and year. Definition 2: Time space Time space is all the time point that are divided by the same time unit in a certain period of time, the definition is as follows: TS = pt ( i) i N, t TU Here, p t (i) is the i th time point with the t time unit. For example, a session start at :30:30, therefore, we can set p 1 (1)= :30:30,p 2 (1)= :30,p 3 (1)= ,p 4 (1)= ,p 5 (1)= ,p 6 (1)= Time constraint definition (1) Activation time length Activation time length constraint was used to make a rule that an operation can only be active during a fixed length of time, e.g. one hour or one minute. (2) Activation time interval Activation time interval constraint was used to make a rule that an operation should be re-started after a certain period of time between its two runtime phases. (3) Entity dependency duration There are lots of dependencies among many entities. For example, a user can not have the permission to print his phone call list until he has paid his owed phone call fee. Therefore, a user can be assigned with a printer role after he has accomplished his payer role. There are also other roles dependencies. For example, a user can be assigned with a role A after he has gotten his role B; however, there are lots of accidental events that make the user waiting for getting the role A. After a certain period of time, the user is still waiting for the role A. We must make a rule to prohibit this situation. Therefore, we propose a new term named EDD to indicate that if a user waits a role for a given time length, we should ask the user abandon his waiting activity and make a try in another time. 5. The Access Control Framework Considering the access control characteristics of the pervasive computing applications, we design a new access control named PC-TRBAC Components definition (1) Enforcer. It represents the external interface for the requestor. The enforcer is responsible for the management and enforcement of the access control decision returned from the evaluator component. The enforcer component consists of three sub-components, i.e. customer metadatabase directory, customer portal, environmental interface. (2) Evaluator. The decision component of our access control whose duty is to collect the ambient-based policies and match them against the requests submitted by the requestor. (3) Customer meta-database directory (Directory service). The directory service is used to construct a general and uniform data type for different request from different requestors. (4) Repository Service. The repository service stores the resource access conditions such as time-constraint conditions, role dependency conditions, conflicting conditions.
4 Enforcer Requestor Figure 1. Structure of the PC-TRBAC model 5.2. Model definition The definition of PC-TRBAC is a five- elements set <U, R, P, S, C>. Here, C (Conditions) represents the trust conditions. We also add a new attribute named t to U. The definitions of the entities in our system are as follows: U, R, P, S and C (users, roles, permissions, sessions and conditions respectively); PA P R,a many-to-many permissionto-role UA U R, a many-to-many user-to-role The definitions of the operations are as follows: users: (S U), a mapping operation which assign a users to a session; CR: (C R),a one-to-one time-constraint condition-to-role assignment relationship, a peer with suitable time-constraint condition will be assigned a role with a given permission. roles: S 2 R, a mapping operation which assign a set of roles roles(s i ) r (users(s i ), r) UA) (users(si ).t, r) CR } The permissions set that S i has is r roles( Si) p (p,r) PA}. Customer meta-database Evaluator Repository service 6. Conclusion There are lots of security problems in the pervasive computing environments. The differences between the pervasive computing and other computing environments decide that we can not apply the traditional security mechanism into the pervasive computing directly. In this paper, we first give some key access control characteristics of the pervasive computing and some key traditional access control mechanism. Then, we propose a new access control with many novel time constraints which can adapt to the access control characteristics in the pervasive computing excellently. The future work is to make our new access model adapt to the dynamic characteristic in the pervasive computing environments and make it more robust. 7. Acknowledgement This research was partially supported by grants 2006AA01Z455 from the National High-Tech Research and Development Plan of China, , from National Science Found from China, 2004ZX17 and 2004ZX14 from the Natural Science Foundation of Shandong Province, J08LJ20 from Science Research and Development of Provincial Department of Public Education of Shandong and X from the Science Foundation of Liaocheng University. References [1] Weiser M. Some Computer Science Issues in Ubiquitous Computing. Comm. ACM, 1993, 36 (7): 72~84. [2] Henricksen K,Indulsks J,Rakotonirainy A. Modeling Context Information in Pervasive Computing Systems. In: Proc. of the 1st International Conference, Pervasive, Lecture Notes in Computer Science, Springer Verlag, Vol 2414, 2002, pp. 167~ 180. [3] Chrysanthis P K, Pitoura E. Tutorial 2: Mobile and Wireless Database Access for Pervasive Computing. In. Proc. of the 16th Intl. Conf. on Data Engineering, [4] Driessen P F,Gabert J,et al. An Internet protocol for flexible. scalable, and secure interaction with ubiquitous computing devices. IEEE, [5] William Tolone, Gail-Joon Ahn, Tanusree Pai and Seng-Phil Hong, Access control in collaborative systems, ACM Computing Surveys (CSUR), vol. 37, no. 1, pp , Mar [6] Sandhu R S, Coyne E J, Feinstein H L, et al, Rolebased Access Control Models, IEEE Computer, vol. 29, no. 2, pp , [7] Thomas R K,Sandhu R, Task-based authentication controls(tabc):a family of models for active and enterprise-orien-ted authentication management. in Proceedings of the 11th IFIP WG11.3 Workshop on Database Security, Lake Tahoe, California, London: Chapman Hall, 1997, pp [8] Martinelli F, Mori P, and Vaccarelli A, Towards Continuous Usage Control on Grid Computational Services, in Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services, Papeete, Tahiti, Los Alamitos, CA: IEEE CS Press, 2005, pp [9] George Coulouris, Jean Dollimore and Marcus Roberts, Role and task-based access control in the PerDiS groupware platform, in Proceedings of the third ACM workshop on Role-based access control, Fairfax, Virginia, United States, 1998, pp [10]
5 [11] Bertino E, Bonatti PA, Ferrari E. TRBAC: A temporal role-based access control model. ACM Trans. on Information and System Security, 2001,4(3):
A Context-sensitive Access Control Model and Prototype Implementation
A Context-sensitive Access Control Model and Prototype Implementation Damian G. Cholewka 1, Reinhardt A. Botha 2, Jan H.P. Eloff 1 1 Rand Afrikaans University, Johannesburg, South Africa 2 Port Elizabeth
More information2002 Journal of Software
1000-9825/2002/13(01)0092-07 2002 Journal of Software Vol13, No1,, (,100871) E-mail {zouwei,sjs,sunyc}@cspkueducn http//wwwpkueducn,,,,, ; ; ; TP311 A, (component-based software development, CBSD) CBSD,,,,
More informationA Framework for Enforcing Constrained RBAC Policies
A Framework for Enforcing Constrained RBAC Policies Jason Crampton Information Security Group Royal Holloway, University of London jason.crampton@rhul.ac.uk Hemanth Khambhammettu Information Security Group
More informationAn Object-Dependent and Context Constraints-Aware Access Control Approach Based on RBAC
An Object-Dependent and Context Constraints-Aware Access Control Approach Based on RBAC Xiaoli Ren, Lu Liu and Chenggong Lv School of Economics & Management, Beihang University, Beijing 100083, P.R. China
More informationEnhanced Sharing and Privacy in Distributed Information Sharing Environments
Enhanced Sharing and Privacy in Distributed Information Sharing Environments Ahmad Kamran Malik, Schahram Dustdar Distributed Systems Group, Vienna University of Technology, Austria {kamran, dustdar}@infosys.tuwien.ac.at
More informationSecure Role-Based Workflow Models
Secure Role-Based Workflow Models Savith Kandala and Ravi Sandhu Savith Kandala Ravi Sandhu CygnaCom Solutions. SingleSignOn.Net and George Mason University (An Entrust Technologies Company) Dept. of Information
More informationResource and Role Based Access Control Model. Xingdong Li, Zhengping Jin
3rd International Conference on Mechatronics and Industrial Informatics (ICMII 2015) Resource and Role Based Access Control Model Xingdong Li, Zhengping Jin State Key Laboratory of Networking and Switching
More informationRB-GACA: A RBAC based Grid Access Control Architecture
RB-GACA: A RBAC based Grid Access Control Architecture Weizhong Qiang, Hai Jin, Xuanhua Shi, Deqing Zou, Hao Zhang Cluster and Grid Computing Lab Huazhong University of Science and Technology, Wuhan, 430074,
More informationUML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept
UML Representation of Extended Role-Based Access Control Model with the Use of Usage Control Concept Aneta Poniszewska-Maranda Institute of Information Technology, Technical University of Lodz, Poland
More informationModule 4: Access Control
Module 4: Access Control Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University, Jackson, MS 39232 E-mail: natarajan.meghanathan@jsums.edu Access Control In general,
More informationData Security and Privacy. Topic 8: Role Based Access Control
Data Security and Privacy Topic 8: Role Based Access Control Plan for this lecture CodeShield: towards personalized application whitelisting. Christopher S. Gates, Ninghui Li, Jing Chen, Robert W. Proctor:
More informationExtended RBAC With Blob Storage On Cloud
Extended RBAC With Blob Storage On Cloud Mamoon Rashid Research Scholar Department Of Computer Science Engineering Ramgharia Institute of Engineering and Technology Phagwara, Punjab, India. Email: mamoon873@gmail.com.
More informationChapter 4: Access Control
(DAC) Chapter 4: Comp Sci 3600 Security Outline (DAC) 1 2 (DAC) 3 4 5 Attribute-based control (DAC) The prevention of unauthorized use of a resource, including the prevention of use of a resource in an
More informationRole and Task-based Access Control in the PerDiS Groupware Platform
Role and Task-based Access Control in the PerDiS Groupware Platform George Coulouris, Jean Dollimore, Marcus Roberts Department of Computer Science Queen Mary and Westfield College University of London
More informationInformation Security CS 526
Information Security CS 526 Topic 23: Role Based Access Control CS526 Topic 23: RBAC 1 Readings for This Lecture RBAC96 Family R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. Role-Based Access
More informationAnalysis of TRBAC with Dynamic Temporal Role Hierarchies
Analysis of TRBAC with Dynamic Temporal Role Hierarchies Emre Uzun 1, Vijayalakshmi Atluri 2, Jaideep Vaidya 1, and Shamik Sural 3 1 MSIS Department, Rutgers Business School, USA {emreu,jsvaidya}@cimic.rutgers.edu
More informationXML Access Control for Semantically Related XML Documents
XML Access Control for Semantically Related XML Documents Vijay Parmar and Hongchi Shi Department of Computer Engineering & Computer Science University of Missouri-Columbia Columbia, MO 65211, USA vnp9b1@mizzou.edu
More informationHybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model
Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model James B. D. Joshi #, Elisa Bertino *, Arif Ghafoor # Center for Education and Research in Information Assurance and Security
More informationAccess Control for Shared Resources
Access Control for Shared Resources Erik Wilde and Nick Nabholz Computer Engineering and Networks Laboratory (TIK) Swiss Federal Institute of Technology (ETH Zürich) Abstract Access control for shared
More informationAnalysis of Various RBAC and ABAC Based Access Control Models with Their Extension
Analysis of Various RBAC and ABAC Based Access Control Models with Their Extension Prajapati Barkha, Gurucharansingh Sahani Student, Assistant Professor, Computer Engineering Department, Sardar Vallabhbhai
More informationEfficient Role Based Access Control Method in Wireless Environment
Efficient Role Based Access Control Method in Wireless Environment Song-hwa Chae 1, Wonil Kim 2, and Dong-kyoo Kim 3* 1 1 Graduate School of Information and Communication, Ajou University, Suwon, Korea
More informationQUT Digital Repository:
QUT Digital Repository: http://eprints.qut.edu.au/ Pham, Quan and McCullagh, Adrian J. and Dawson, Edward P. (2007) Consistency of User Attribute in Federated Systems. In Lambrinoudakis, Costas and Pernul,
More informationAccess Control. Discretionary Access Control
Access Control Discretionary Access Control 1 Outlines Access Control Discretionary Access Control (DAC) Mandatory Access Control (MAC) Role-Based Access Control (RBAC) 2 Access Control Access control
More informationRBAC: Motivations. Users: Permissions:
Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of authorizations can become extremely large For dynamic user population,
More informationDEPLOYING MULTI-TIER APPLICATIONS ACROSS MULTIPLE SECURITY DOMAINS
DEPLOYING MULTI-TIER APPLICATIONS ACROSS MULTIPLE SECURITY DOMAINS Igor Balabine, Arne Koschel IONA Technologies, PLC 2350 Mission College Blvd #1200 Santa Clara, CA 95054 USA {igor.balabine, arne.koschel}
More informationAn Approach to XML-Based Administration and Secure Information Flow Analysis on an Object Oriented Role-Based Access Control Model
JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 22, 49-61 (2006) An Approach to XML-Based Administration and Secure Information Flow Analysis on an Object Oriented Role-Based Access Control Model CUNGANG
More informationSecurity-Conscious XML Indexing
Security-Conscious XML Indexing Yan Xiao, Bo Luo, and Dongwon Lee The Pennsylvania State University, University Park, USA xiaoyan515@gmail.com, {bluo,dongwon}@psu.edu Abstract. To support secure exchanging
More informationSCHEMA BASED XML SECURITY: RBAC APPROACH
SCHEMA BASED XML SECURITY: RBAC APPROACH Xinwen Zhang, Jaehong Park, and Ravi Sandhu George Mason University {xzhang6, jpark2, sandhu) } @gmu.edu Abstract Security of XML instance is a basic problem, especially
More informationAccess Control Models
Access Control Models Dr. Natarajan Meghanathan Associate Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu Access Control Models Access Control to regulate
More informationCS 356 Lecture 7 Access Control. Spring 2013
CS 356 Lecture 7 Access Control Spring 2013 Review Chapter 1: Basic Concepts and Terminology Integrity, Confidentiality, Availability, Authentication, and Accountability Types of threats: active vs. passive,
More informationMobile and Heterogeneous databases Security. A.R. Hurson Computer Science Missouri Science & Technology
Mobile and Heterogeneous databases Security A.R. Hurson Computer Science Missouri Science & Technology 1 Note, this unit will be covered in two lectures. In case you finish it earlier, then you have the
More informationAdvanced Access Control. Role-Based Access Control. Common Concepts. General RBAC Rules RBAC96
Advanced Access Control In many cases, identity is a bad criteria for authorization. We examine two modern paradigms for access control, which overcome this limitation: 1. Role-Based Access Control 2.
More informationSupport for Situation-Awareness in. Trustworthy Ubiquitous Computing Application Software
Support for Situation-Awareness in Trustworthy Ubiquitous Computing Application Software Stephen S. Yau, Dazhi Huang, Haishan Gong, Yisheng Yao Department of Computer Science and Engineering Arizona State
More informationCS590U Access Control: Theory and Practice. Lecture 12 (February 23) Role Based Access Control
CS590U Access Control: Theory and Practice Lecture 12 (February 23) Role Based Access Control Role-Based Access Control Models. R.S. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman. IEEE Computer,
More informationSeparation of Duty in Role-Based Access Control Model through Fuzzy Relations
Third International Symposium on Information Assurance and Security Separation of Duty in Role-Based Access Control Model through Fuzzy Relations Hassan Takabi Morteza Amini Rasool Jalili Network Security
More informationOverview on Role Based Access Control Scheme in Cloud Computing
Overview on Role Based Access Control Scheme in Cloud Computing ABSTRACT Kritika Soni 1, Dr.Suresh Kumar 2 Assistant Professor, Professor and HOD, CSE deptt. CSE Deptt. MRIIRS MRIIRS Cloud computing is
More informationConflict Checking of Separation of Duty Constraints in RBAC - Implementation Experiences
xorbac Conflict Checking of Separation of Duty Constraints in RBAC - Implementation Experiences Mark Strembeck Department of Information Systems, New Media Lab Vienna University of Economics and BA, Austria
More informationTemporal Authorizations Scheme for XML Documents
University of Wollongong Research Online Faculty of Informatics - Papers (Archive) Faculty of Engineering and Information Sciences 2007 Temporal Authorizations Scheme for XML Documents Jing Wu University
More informationAccess Control (slides based Ch. 4 Gollmann)
Access Control (slides based Ch. 4 Gollmann) Preliminary Remarks Computer systems and their use have changed over the last three decades. Traditional multi-user systems provide generic services to their
More informationComputer Security 3e. Dieter Gollmann. Chapter 5: 1
Computer Security 3e Dieter Gollmann www.wiley.com/college/gollmann Chapter 5: 1 Chapter 5: Access Control Chapter 5: 2 Introduction Access control: who is allowed to do what? Traditionally, who is a person.
More informationPrivacy based temporal rbac model
Privacy based temporal rbac model S.SATHEA SREE Department of CSE, MNM Jain Engineering College, Chennai. satheasadasivam@gmail.com Abstract Privacy has been acknowledged to be a critical requirement for
More informationDS RBAC Dynamic Sessions in Role Based Access Control
Journal of Universal Computer Science, vol. 15, no. 3 (2009), 538-554 submitted: 3/1/09, accepted: 28/1/09, appeared: 1/2/09 J.UCS DS RBAC Dynamic Sessions in Role Based Access Control Jörg R. Mühlbacher
More informationAccess Control. Discretionary Access Control
Access Control Discretionary Access Control 1 Access Control Access control is where security engineering meets computer science. Its function is to control which (active) subject have access to a which
More informationMohamed Mahmoud Mahmoud Azab. Education: Ongoing research:
Mohamed Mahmoud Mahmoud Azab -Assistant Prof., Informatics Research Institute, The City of Scientific Research & Technology Applications, Alexandria-Egypt. - Researcher, VT-MENA research center of Excellence,
More informationA Location based Secure Access Control Method for Geospatial Data using Fine Grained Security Access Method
IJSRD - International Journal for Scientific Research & Development Vol. 2, Issue 03, 2014 ISSN (online): 2321-0613 A Location based Secure Access Control Method for Geospatial Data using Fine Grained
More informationThe architecture of a web service-based remote control service system
Loughborough University Institutional Repository The architecture of a web service-based remote control service system This item was submitted to Loughborough University's Institutional Repository by the/an
More informationDistributed Access Control Based on Proxy Signature in M2M Sensor Networks
Research Journal of Applied Sciences, Engineering and Technology 5(11): 3069-3073, 2013 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2013 Submitted: August 11, 2012 Accepted: September
More informationCore Role Based Access Control (RBAC) mechanism for MySQL
Core Role Based Access Control (RBAC) mechanism for MySQL by Ian Molloy Radu Dondera Umang Sharan CS541 Project Report Under the Guidance of Prof. Elisa Bertino With the Department of Computer Science
More informationGroup-Centric Models for Secure and Agile Information Sharing
Institute for Cyber Security Group-Centric Models for Secure and Agile Information Sharing Ravi Sandhu Executive Director and Endowed Professor October 2010 ravi.sandhu@utsa.edu, www.profsandhu.com, www.ics.utsa.edu
More informationAttribute based Access Control Model for Multi- Mission Data in Space Ground System
Attribute based Access Control Model for Multi- Mission Data in Space Ground System Somdatta Nath somdatta.nath@gd-ms.com 2015 by GDMS. Published by The Aerospace Corporation with permission. Overview
More informationTrustworthiness Based Authorization on WWW
CERIAS Tech Report 2002-08 Trustworthiness Based Authorization on WWW Y. Zong, B. Bhargava, M. Mahoui Center for Education and Research in Information Assurance and Security & Department of Computer Science,
More informationAccess Control Part 1 CCM 4350
Access Control Part 1 CCM 4350 Overview of Access Control Lectures Three Lectures on Access Control following D. Gollmann. Computer Security. Wiley: Chapter 4. Part 1: Authorisation and Access Operation
More informationT-RBAC based Multi-domain Access Control Method in Cloud
T-RBAC based Multi-domain Access Control Method in Cloud Dapeng Xiong, Liang Chen Academy of Equipment,Beijing 101416,China E-mail: xiongdapeng@outlook.com, 252958524@qq.com Received: November 6, 2016
More informationJournal of Chemical and Pharmaceutical Research, 2014, 6(2): Research Article
Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(2):101-109 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Researches on the access secure control workflow
More informationACTIVE SECURITY ISSUES IN HEALTHCARE INFORMATION SYSTEMS. Christos K. Georgiadis, Ioannis Mavridis and George Pangalos
ACTIVE SECURITY ISSUES IN HEALTHCARE INFORMATION SYSTEMS Christos K. Georgiadis, Ioannis Mavridis and George Pangalos Informatics Lab., Computers Div., Faculty of Technology Aristotle University of Thessaloniki
More informationTemporal Hierarchy and Inheritance Semantics for GTRBAC
CERIAS Tech Report 2001-52 Temporal Hierarchy and Inheritance Semantics for GTRBAC James B. D. Joshi 1, Elisa Bertino 2, Arif Ghafoor 1 Center for Education and Research in Information Assurance and Security
More informationDesign and Implementation of unified Identity Authentication System Based on LDAP in Digital Campus
Advanced Materials Research Online: 2014-04-09 ISSN: 1662-8985, Vols. 912-914, pp 1213-1217 doi:10.4028/www.scientific.net/amr.912-914.1213 2014 Trans Tech Publications, Switzerland Design and Implementation
More informationAuthentication and Authorization User Management within a Collaborative Community
Proceedings of the 11th WSEAS International Conference on COMPUTERS, Agios Nikolaos, Crete Island, Greece, July 26-28, 2007 565 Authentication and Authorization User Management within a Collaborative Community
More informationAN EFFECTIVE FRAMEWORK FOR EXTENDING PRIVACY- PRESERVING ACCESS CONTROL MECHANISM FOR RELATIONAL DATA
AN EFFECTIVE FRAMEWORK FOR EXTENDING PRIVACY- PRESERVING ACCESS CONTROL MECHANISM FOR RELATIONAL DATA Morla Dinesh 1, Shaik. Jumlesha 2 1 M.Tech (S.E), Audisankara College Of Engineering &Technology 2
More informationA TEMPORARILY-SPATIALLY CONSTRAINED MODEL BASED ON TRBAC IN WORKFLOW SYSTEM
A TEMPORARILY-SPATIALLY CONSTRAINED MODEL BASED ON TRBAC IN WORKFLOW SYSTEM Limin Ao *, Wei Zhou, Xiaodong Zhu College of Information Engineering, Northeast Dianli University, Jilin, Jilin 132012, China
More informationRepresentation and Reasoning on Role-Based Access Control Policies with Conceptual Graphs
Representation and Reasoning on Role-Based Access Control Policies with Conceptual Graphs Romuald Thion and Stéphane Coulondre LIRIS: Lyon Research Center for Images and Intelligent Information Systems,
More informationSecurity for smart Electricity GRIDs
Security for smart Electricity GRIDs Project type: Collaborative project small or medium scale focused research project Grant agreement no: 607109 Thematic Priority: FP7-SEC-2013-1 Start date of project:
More informationPerformance Evaluation of A Role Based Access Control Constraints in Role Mining Using Cardinality
Performance Evaluation of A Role Based Access Control Constraints in Role Mining Using Cardinality Yogita R. More 1, Dr. S. V. Gumaste 2 PG Scholar, Dept.Of Computer Engineering, GES's R. H. Sapat COE,
More informationAccess Control Models Part II
Access Control Models Part II CERIAS and CS &ECE Departments Pag. 1 Introduction Other models: The Chinese Wall Model it combines elements of DAC and MAC RBAC Model it is a DAC model; however, it is sometimes
More informationInteractive Campaign Planning for Marketing Analysts
Interactive Campaign Planning for Marketing Analysts Fan Du University of Maryland College Park, MD, USA fan@cs.umd.edu Sana Malik Adobe Research San Jose, CA, USA sana.malik@adobe.com Eunyee Koh Adobe
More informationPolicy Based Security
BSTTech Consulting Pty Ltd Policy Based Security The implementation of ABAC Security through trusted business processes (policy) and enforced metadata for people, systems and information. Bruce Talbot
More informationResearch on 3G Terminal-Based Agricultural Information Service
Research on 3G Terminal-Based Agricultural Information Service Neng-fu Xie and Xuefu Zhang Agricultural Information Institute, The Chinese Academy of Agricultural Sciences Key Laboratory of Digital Agricultural
More informationContext Aware Computing
CPET 565/CPET 499 Mobile Computing Systems Context Aware Computing Lecture 7 Paul I-Hai Lin, Professor Electrical and Computer Engineering Technology Purdue University Fort Wayne Campus 1 Context-Aware
More informationA Distributed Media Service System Based on Globus Data-Management Technologies1
A Distributed Media Service System Based on Globus Data-Management Technologies1 Xiang Yu, Shoubao Yang, and Yu Hong Dept. of Computer Science, University of Science and Technology of China, Hefei 230026,
More informationMiddleware Support for Embedded Software with Multiple QoS Properties for Ubiquitous Computing Environments
Middleware Support for Embedded Software with Multiple QoS Properties for Ubiquitous Computing Environments Stephen S. Yau, Yu Wang and Dazhi Huang Department of Computer Science and Engineering Arizona
More informationPolicy Storage for Role-Based Access Control Systems
Policy Storage for Role-Based Access Control Systems András Belokosztolszki, David M. Eyers, Wei Wang, Ken Moody University of Cambridge Computer Laboratory JJ Thomson Avenue, Cambridge, United Kingdom
More informationCall for Papers for Communication QoS, Reliability and Modeling Symposium
Call for Papers for Communication QoS, Reliability and Modeling Symposium Scope and Motivation: In modern communication networks, different technologies need to cooperate with each other for end-to-end
More informationContextion: A Framework for Developing Context-Aware Mobile Applications
Contextion: A Framework for Developing Context-Aware Mobile Applications Elizabeth Williams, Jeff Gray Department of Computer Science, University of Alabama eawilliams2@crimson.ua.edu, gray@cs.ua.edu Abstract
More informationRelationship-Based Access Control (ReBAC)
CS 5323 Relationship-Based Access Control (ReBAC) Pro. Ravi Sandhu Executive Director and Endowed Chair Lecture 6 ravi.utsa@gmail.com www.prosandhu.com 1 Access Control Fixed policy Discretionary Access
More informationJ I N G H A I R A O. Institute for Software Research School of Computer Science Carnegie Mellon University 5000 Forbes Ave Pittsburgh, PA 15213
J I N G H A I R A O Institute for Software Research School of Computer Science Carnegie Mellon University 5000 Forbes Ave Pittsburgh, PA 15213 Office: +1 412 268 1357 Fax: +1 412 268 7287 Mobile: +1 412
More informationSecuring Content in the Department of Defense s Global Information Grid
Securing Content in the Department of Defense s Global Information Grid Secure Knowledge Workshop State University of New York - Buffalo 23-24 September 2004 Robert W. McGraw Technical Director IA Architecture
More informationPost-Class Quiz: Access Control Domain
1. In order to perform data classification process, what must be present? A. A data classification policy. B. A data classification standard. C. A data classification procedure. D. All of the above. 2.
More informationAuto Finding and Resolving Distributed Firewall Policy
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 10, Issue 5 (Mar. - Apr. 2013), PP 56-60 Auto Finding and Resolving Distributed Firewall Policy Arunkumar.k 1,
More informationIdentity, Authentication and Authorization. John Slankas
Identity, Authentication and Authorization John Slankas jbslanka@ncsu.edu Identity Who or what a person or thing is; a distinct impression of a single person or thing presented to or perceived by others;
More informationEDUCATION RESEARCH EXPERIENCE
PERSONAL Name: Mais Nijim Gender: Female Address: 901 walkway, apartment A1 Socorro, NM 87801 Email: mais@cs.nmt.edu Phone: (505)517-0150 (505)650-0400 RESEARCH INTEREST Computer Architecture Storage Systems
More informationImprovement of Buffer Scheme for Delay Tolerant Networks
Improvement of Buffer Scheme for Delay Tolerant Networks Jian Shen 1,2, Jin Wang 1,2, Li Ma 1,2, Ilyong Chung 3 1 Jiangsu Engineering Center of Network Monitoring, Nanjing University of Information Science
More informationA Survey of Self-Protecting Computing Systems
A Survey of Self-Protecting Computing Systems Essien Ayanam The Volgenau School of Engineering George Mason University Fairfax, Virginia, 22030, USA Email: eayanam@gmu.edu Outline Introduction Overview
More informationState of Colorado Cyber Security Policies
TITLE: State of Colorado Cyber Security Policies Access Control Policy Overview This policy document is part of the State of Colorado Cyber Security Policies, created to support the State of Colorado Chief
More informationModeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments
Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments Sigrid Schefer-Wenzl, Mark Strembeck Institute for Information Systems and New Media Vienna University of
More informationFirewall Policy Modelling and Anomaly Detection
Firewall Policy Modelling and Anomaly Detection 1 Suhail Ahmed 1 Computer Science & Engineering Department, VTU University, SDIT, Mangalore, Karnataka. India Abstract - In this paper an anomaly management
More informationMobile and Ubiquitous Computing
Mobile and Ubiquitous Computing Today l Mobile, pervasive and volatile systems l Association and Interoperation l Sensing context and adaptation RIP? How is mobility different Mobile elements are resource-poor
More informationPERMIS An Application Independent Authorisation Infrastructure. David Chadwick
PERMIS An Application Independent Authorisation Infrastructure David Chadwick Role/Attribute Based Access Control Model Hierarchical Role based Access Control (RBAC) Permissions are allocated to roles/attributes
More informationTOWARDS THE IMPLEMENTATION OF TEMPORAL-BASED SOFTWARE VERSION MANAGEMENT AT UNIVERSITI DARUL IMAN MALAYSIA
TOWARDS THE IMPLEMENTATION OF TEMPORAL-BASED SOFTWARE VERSION MANAGEMENT AT UNIVERSITI DARUL IMAN MALAYSIA M Nordin A Rahman, Azrul Amri Jamal and W Dagang W Ali Faculty of Informatics Universiti Darul
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define access control and list the four access control models Describe logical access control
More informationArcGIS Enterprise: Architecture & Deployment. Anthony Myers
ArcGIS Enterprise: Architecture & Deployment Anthony Myers 1 2 3 4 5 Web GIS Overview of ArcGIS Enterprise Federation & Hosted Server Deployment Patterns Implementation 1 Web GIS ArcGIS Enabling GIS for
More informationOpen Access Algorithm of Context Inconsistency Elimination Based on Feedback Windowing and Evidence Theory for Smart Home
Send Orders for Reprints to reprints@benthamscience.ae The Open Automation and Control Systems Journal, 2014, 6, 637-648 637 Open Access Algorithm of Context Inconsistency Elimination Based on Feedback
More informationCyber Security Standards Developments
INTERNATIONAL ELECTROTECHNICAL COMMISSION Cyber Security Standards Developments Bart de Wijs Head of Cyber Security Power Grids Division ABB b.v. Frédéric Buchi Sales&Consulting Cyber Security Siemens
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: St. Thomas University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More informationInformation Retrieval System Based on Context-aware in Internet of Things. Ma Junhong 1, a *
Information Retrieval System Based on Context-aware in Internet of Things Ma Junhong 1, a * 1 Xi an International University, Shaanxi, China, 710000 a sufeiya913@qq.com Keywords: Context-aware computing,
More informationScienceDirect. Toward an Access Control Model for IOTCollab
Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 52 (2015 ) 428 435 The 6th International Conference on Ambient Systems, Networks and Technologies (ANT 2015) Toward an
More informationLiferay Security Features Overview. How Liferay Approaches Security
Liferay Security Features Overview How Liferay Approaches Security Table of Contents Executive Summary.......................................... 1 Transport Security............................................
More informationSECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS
WHITE PAPER SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS The Challenges Of Securing AWS Access and How To Address Them In The Modern Enterprise Executive Summary When operating in Amazon Web Services
More informationApplying the Semantic Web Layers to Access Control
J. Lopez, A. Mana, J. maria troya, and M. Yague, Applying the Semantic Web Layers to Access Control, IEEE International Workshop on Web Semantics (WebS03), pp. 622-626, 2003. NICS Lab. Publications: https://www.nics.uma.es/publications
More informationWeaving Rewrite-Based Access Control Policies
Weaving Rewrite-Based Access Control Policies Anderson Santana de Oliveira a, Eric Ke Wang ab, Claude Kirchner a, Hélène Kirchner a INRIA & LORIA The University of Hong Kong FMSE, 2007 Oliveira, Wang,
More informationCanadian Access Federation: Trust Assertion Document (TAD)
Participant Name: Trent University Canadian Access Federation: Trust Assertion Document (TAD) 1. Purpose A fundamental requirement of Participants in the Canadian Access Federation is that they assert
More information